From 3d072d22c55966f399a3fcc99a9bf990c1e94ea4 Mon Sep 17 00:00:00 2001
From: manfromafar
Date: Mon, 29 Nov 2021 14:24:32 -0700
Subject: [PATCH 1/2] Update api.php Add $admincheck to store a complete copy of $email. $email appears to be overwritten during the check if the var is empty. now the admin check compares the complete email against the one from the config file.
---
 web/api.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/web/api.php b/web/api.php
index c3a2e38..65fb2fe 100644
--- a/web/api.php
+++ b/web/api.php
@@ -16,6 +16,11 @@ else $url = array_filter(explode('/',ltrim(parse_url($_SERVER['REQUEST_URI'], PH
 $action = strtolower($_REQUEST['a']);
 $email = strtolower($_REQUEST['email']);
+// quick hack to get admin email working.
+// by the time $email is checked its been over written.
+// store a copy in $admincheck to compare later.
+$admincheck = $email
+
 if(!empty($email)){
 if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
 // email param provided, but invalid: skip action and show invalid email error
@@ -87,7 +92,7 @@ switch($action)
 case 'list':
 $settings = loadSettings();
- if($settings['ADMIN'] && $settings['ADMIN']==$email)
+ if($settings['ADMIN'] && $settings['ADMIN']==$admincheck)
 {
 $o['status'] = 'ok';
 $o['type'] = 'admin';
@@ -131,4 +136,4 @@ switch($action)
 break;
 }
-echo json_encode($o);
\ No newline at end of file
+echo json_encode($o);
From dace8a0df06d4b097b4e716ae204b87c2de9c7a8 Mon Sep 17 00:00:00 2001
From: manfromafar
Date: Mon, 29 Nov 2021 14:27:37 -0700
Subject: [PATCH 2/2] Update api.php Missed ;
---
 web/api.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/web/api.php b/web/api.php
index 65fb2fe..279622b 100644
--- a/web/api.php
+++ b/web/api.php
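Review bot: In the `@@ -16,6 +16,11 @@` hunk of patch 1/2, `$admincheck` is copied from the raw `email` request parameter before the `FILTER_VALIDATE_EMAIL` check that follows, so the later admin comparison runs on a value that was never validated. If the copy has to stay, take it only from a value that passes the filter: `$admincheck = filter_var($email, FILTER_VALIDATE_EMAIL) ? $email : '';`. The statement that overwrites `$email` is outside this hunk, so the root cause cannot be confirmed from here. The comment should name that statement instead of "quick hack", so the workaround can be removed once the overwrite itself is fixed.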
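Review bot: In the `@@ -87,7 +92,7 @@` hunk of patch 1/2, the admin branch of `case 'list':` is granted only because a caller-supplied `email` parameter equals the configured `ADMIN` address, and an e-mail address is an identifier, not a credential. Unless code outside this hunk authenticates the caller, the branch should also require a secret held in the settings file and compared with `hash_equals()`. Separately, `$admincheck` is lower-cased while `$settings['ADMIN']` is not, and `==` is a loose comparison, so a configured address containing capitals would never match. A strict, normalised form would be `if($settings['ADMIN'] && strtolower($settings['ADMIN'])===$admincheck)`. The `switch` body continues outside the hunk.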
@@ -19,7 +19,7 @@ $email = strtolower($_REQUEST['email']);
 // quick hack to get admin email working.
 // by the time $email is checked its been over written.
 // store a copy in $admincheck to compare later.
-$admincheck = $email
+$admincheck = $email;
 if(!empty($email)){
 if(!filter_var($email, FILTER_VALIDATE_EMAIL)){